The WUSTL Secure Enclave service supports the NIST SP 800-171 Rev. 2 security standard, required for Cybersecurity Maturity Model Certification (CMMC) by the Department of Defense (DOD) and the Genomic Data Sharing (GDS) Policy by the National Institutes of Health (NIH) to protect Controlled Unclassified Information (CUI). If you plan to respond to a federal funding opportunity involving CUI, you must have appropriate cybersecurity measures to accept the grant or contract. This includes research data and project information generated during federally funded work.
RIS Service Desk
Research Infrastructure Services (RIS) can help you with an initial assessment and provide cost estimates for the technology needed to achieve compliance.
More about CUI and the CMMC framework
Research involving Controlled Unclassified Information requires special considerations. Understanding the physical and electronic controls required is key.
Training and Resources
Working with CUI data or working in areas containing CUI requires special training. Find out about training and the resources available to help you successfully safeguard data here at the university.
FAQ
Understanding the WUSTL-SEn environment is important, and you might have questions.
The assessment and cost estimates for technology needs may include:
- Communication Requirements – secure O365 accounts
- Data Storage and Compute requirements– Azure VM in a secure enclave
- Hardware requirements – security and software constraints
- Data Transfer Requirements
- Instrumentation – bringing lab equipment into the enclave
- Physical Security
- CUI Training
- Background Checks
Services & Rates
Services and rates for SEn can be found in the WashU Box.
Project Rate Examples
Examples of SEn project rates can be found in the WashU Box.
Please visit the Office of Information Security and the Office of the Vice Chancellor for Research for additional information or assistance in determining whether your RFP/RFI involves CUI.